IT execs are getting spooked
about the security risks
of virtual servers.

WASHINGTON  WATCH 


FCC: Wireless Spectrum Shortage Looms

Mobile data traffic in the U.S. will be 35 times higher in 2014
than it was in 2009, leading to a massive wireless spectrum
shortage if the government fails to make m

mission said in a paper released last month.

About  42%  of  U.S.  mobile  customers  now 
own  a  smartphone,  up  from  16%  three  years 
ago,  and  between  the  first  quarter  of  2009 
and the second quarter of 2010, data use per
mobile  line  grew  by  450%,  the  paper  said. 

The  FCC  expects  smartphone  use  —  and 
a  corresponding  increase  in  mobile  data  use 
—  to  continue  to  skyrocket,  FCC  Chairman 
Julius  Genachowski  said. 

“If we don't act to update our spectrum poli-


March, the FCC called for 300 MHz of spectrum
to be made available for mobile broadband
uses in the next five years, and an additional
200 MHz in the subsequent five years.

Much of that spectrum would come from
bands now controlled by the FCC or other government
agencies, but 120 MHz would come
from  spectrum  now  owned  but  unused  by  U.S. 
television  stations.  Under  the  broadband  plan, 
the  stations  would  give  back  unused  spectrum 
in  exchange  for  part  of  the  profits  when  the 


The  National  Association  of  Broadcasters 
was  cool  to  the  proposal  that  TV  stations  give 
up  spectrum.  NAB  Executive  Vice  Presi- 


40,000  people. 

The iPad was released on April 3,
a Saturday, and Hedges quickly arranged
to buy 10 iPads to ship to a
trade show in Germany the following
Wednesday.

Normally, Medtronic has large
and very expensive displays at its
booth, but in this case it loaded up
the iPads with product information
and then put them on display.

The iPad wasn't being sold yet in
Europe, and the devices were an
immediate hit, Hedges recalled at a
Gartner Inc. event last month.

"It was such a huge success,
because people came to our booth
not to look at the Medtronic product
but to look at the iPad," he said. "I
didn't care - I just wanted them at
the booth."

But  Hedges  bought  many  more 
iPads  because  they  offer  instant 
access  to  data  and  video,  a  par- 



NEWS  ANALYSIS 




Ozzie to Microsoft:
Simplify, Simplify...

The  chief  software  architect’s  ‘doomsday-ish’ 
clarion  call  implores  Microsoft  to  further  embrace 
cloud  computing  or  face  irrelevancy  in  an 
industry it has long dominated. By Gregg Keizer


Departing Microsoft Corp. executive Ray Ozzie is
leaving behind a new five-year plan that exhorts the
company to push further into the cloud — or perish.

The so-called Dawn of a New Day memorandum
written by Ozzie, who succeeded Bill Gates as
Microsoft’s chief software architect in 2006, urges the company
to imagine a world where the PC is replaced by a slew of simple,
low-cost  devices  that  are  constantly  connected  to  the  Internet 
and  through  that  to  cloud-based  services. 

The memo was posted on Ozzie’s personal blog site shortly
after Microsoft’s Oct. 18 announcement that the
creator of Lotus Notes planned to retire soon.

Wes Miller, an analyst at Directions on Microsoft
and  a  former  Microsoft  product  manager,  noted  that 
Ozzie's  “doomsday-ish”  missive  “rarely  mentions  the 
words PC or Windows. The words that are most prominent
are devices and services. That shows that Ozzie
believes  the  future  will  revolve  around  connected 
devices  and  continuous  services." 

The  communique  is  in  many  ways  reminiscent  of 
one  Ozzie  wrote  in  2005  warning  officials  that  the 
company  had  to  quickly  jump  into  the  cloud. 

“Ray  has  become  synonymous  with  connected 
collaboration  and  the  cloud,”  Miller  said,  noting 
that  Ozzie  oversaw  development  of  the  Azure  cloud 
platform  that  Microsoft  released  earlier  this  year.  “He’s 
fought the valiant fight at Microsoft, but he's saying
the  company  needs  to  continue  investing  in  the  cloud.” 

While Ozzie acknowledged the success that some
of  Microsoft’s  rivals  have  had  in  moving  toward  his 
worldview,  he  didn’t  name  names.  “Our  early  and  clear 
vision notwithstanding, their execution has surpassed
our own in mobile experiences, in the seamless fusion
of hardware & software & services, and in social networking
& myriad new forms of Internet-centric social
interaction,"  Ozzie  wrote. 

Ozzie didn't have to mention Apple, Google or
Facebook to get his message across to Microsoft, said
Miller. “They know who he’s talking about.”

The  memo  urged  Microsoft  to  stress  simplicity 
over  complexity  and  essentially  said  that  the  lucrative 
35-year-old  Windows  franchise  and  its  surrounding 
ecosystem  are  examples  of  the  latter. 

“Complexity  kills,”  Ozzie  said.  “Complexity  sucks 
the life out of users, developers and IT. Complexity
makes products difficult to plan, build, test and use.
Complexity introduces security challenges. Complexity
causes administrator frustration.”

It’s  unlikely  that  Ozzie’s  message  came  as  a  surprise 
to  Microsoft’s  management  team.  “This  may  be  the  last  chance 
for Ray Ozzie to make his thoughts known, but I think he’s said
this  internally  for  a  long  time,"  said  Miller. 

But  moving  from  a  PC-centric  world  into  the  cloud  won’t  be 
easy  for  a  company  the  size  of  Microsoft. 

"My  frustration  is  that  it’s  a  big  ship,  and  the  velocity  with 
which the boat is going will make it hard,” Miller said. “You’re
talking about competing with companies that are, if not
out-innovating Microsoft, then outpacing them." ♦

Nancy Gohring of the IDG News Service contributed to this story.




New  IT  User  Group 
Targets ‘Super Vendors’

The  Open  Data  Center  Alliance,  which  claims  to  collectively 
spend  billions  on  IT,  hopes  to  wield  a  big  stick  in  combating 
vendor  lock-in  and  tech  consolidation.  By  Patrick  Thibodeau 


When the Open Data Center Alliance was
introduced late last month, its leaders claimed
that the initial 70-plus members represented
“over $50 billion in collective IT spending.” Their
message to IT vendors was unmistakable.

Andrew  Feig,  global  head  of  the  technology  advisory  group  at 
alliance member UBS, said the new association aims to help its
members retain “the ability to really run our business the way we
want, versus being told how to run it [by vendors]."

Thus the consortium will use its combined clout to, among

other things, persuade technology companies to slow or halt
several trends, including the move toward
vendor lock-in in the cloud, the increase in
the number of proprietary and highly integrated
technology stacks, and the continuation
of IT industry consolidation — which
alliance members cite as a key cause of the

The worldwide alliance's membership
includes major companies in a variety of industries
that aren’t focused on any one technology,
including automaker BMW; financial



that look at broad corporate IT needs,
such as cross-platform management,
interoperability and the ability to
move infrastructure and applications
from one cloud platform to another.

Then the group will use its hoped-for
clout to urge tech vendors to plan
products with those needs in mind.

Feig said many of the problems
faced by large users can be traced to
the persistent industry consolidation
that is creating what Gartner Inc.
calls “super vendors."

“Consolidation is continuing at a
rapid pace," he said. “Start-ups get
bought early on in their life cycle
and never get to become big competitors
to any of these guys.”

Feig warned that without adequate
recourse, companies that become
excessively reliant on integrated
products made by the big vendors
will become less likely to adopt innovative new technologies.

Martin  Wheeler,  chief  strategy  officer  at  IT  infrastructure 
services  provider  Terremark  Worldwide  Inc.,  and  chairman  and 
secretary of the alliance, added, “We’ve got to start having an
organized  voice  so  all  these  tremendous  technological  advances 
can  be  organized  in  a  meaningful  way." 

Alliance President Curt Aubley, who is vice president of cybersecurity
and next-generation innovations at Lockheed Martin
Information Systems and Global Services, said he sees “amazing
capabilities” developing on the Web. However, he added, if a
developer  “needs  to  move  applications  that  they  develop  on  one 
cloud  platform  to  another  cloud  platform,  they 
are  in  essence  rewriting  that  application.” 

Vendors  encourage  feedback  and  want  to  be 
responsive to customer demands, said Aubley.
The consortium will provide that feedback “in a
more unified fashion,” he explained.

Eunice said the creation of the alliance was
likely encouraged in part by social media,
which has led to more collaboration, openness
and new attitudes about cooperation between
vendors and their customers. ♦
Enterprise Intelligence Awards

Sponsored by Teradata


Congratulations to the
2010 Winners and Finalists!

ACHIEVING  ENTERPRISE  AGILITY 

Computerworld  proudly  announces  the  results  of  this  year's 
Enterprise  Intelligence  Awards  Program.  This  program  honors  best 
practices  in  the  use  of  information  technology  solutions  built  on 
Teradata  platforms. 

The  world's  business  leaders  have  trusted  Teradata  and  its  partners 
for  decades  as  the  key  to  their  competitive  edge...  empowering 
innovators  to  cut  through  the  complexities  of  business  to  make 
smarter,  faster  decisions. 


The  Winner  and  Finalists  in  each  category  are: 

Customer  Intelligence  and  Management 
Winner:  Maybank  Berhad 

For  the  significant  business  and  technical  results  of  its  Analytical  Customer  Relationship  Management  (aCRM)  project. 
With  an  ROI  of  180%,  the  system  shortened  lead  generation  time  from  weeks  to  one  day. 

Finalist:  Shop  Direct  Group  submitted  with  Speed-Trap 

Finalist:  The  Bank  of  East  Asia,  Limited  FOCUS 

Excellence in BI and Analytics

Winner:  Cabela's  Inc.  submitted  with  Informatica  Corporation 

For  a  multi-channel  data  warehouse  initiative  and  creation  of  an  analytical  information  framework  that  has  improved 
advertising  effectiveness,  inventory  and  margin  strategies. 

Finalist:  Station  Casinos  submitted  with  IBM 
Finalist:  VIVO,  S/A 

Government  and  Non-Profit 

Winner: Defense Logistics Agency (DLA) and United States Transportation Command
(USTRANSCOM)

For excellence in strategic reuse of existing architecture across government agencies to create a scalable system that
enables faster development of data applications.

Finalist: Centers for Medicare & Medicaid Services

Finalist: Land Transport Authority of Singapore submitted with Wipro Technologies


Industry  Innovation 
Continued from page 12
The mining industry
is closely tied to the
economy. When production
ramps down.


area, our largest to
date. Our No. 3 priority
is enhancements
to the ERP system,

production in April 2011.
the exploration and

Management  realized  they  couldn’t  scale.  If  we  went 
out  and  bought  another  mine,  we  could  not  integrate 
that  operation  onto  the  platform  that  exists.  If  we 
put  a  mine  in  Arizona  or  Guatemala,  we  wouldn’t 
have best-in-class systems and business processes
for it. Our current business processes are very much
custom-tailored to how people were doing things in
Flin Flon. They are not scalable. They’re very manual.

How does the remoteness of Flin Flon affect your IT
architecture? We have mini data centers at these sites
for  performance  reasons.  However,  I  am  not  sure  if 
we’re  going  to  stay  with  this  model.  Our  new  ERP 

system  will  be  a  shared  service  and  will  be  hosted  in 

our  primary  location. 


new ERP system in a culture that isn’t used to
change? You’ve got people who enjoy doing things the
way  they  have  always  done  them  for  25  or  30  years. 

So  to  come  along  and  say,  “Here’s  something  new 
and  something  you  can  do  differently,”  there’s  a  huge 
amount  of  resistance  to  that. 

We’re talking about that right now with our ERP
implementation. There has not been a major software
implementation in this company since the early ’90s.
For us to introduce this new ERP system with new
functionality, new ways of doing things and changing
the business processes, they’re finding that very
difficult to cope with.

How are you addressing that resistance? The conversation
[needs to be] around change management and
how  you  get  people  to  identify  with  the  project. 

If people can’t identify with it, it has no relevance
to  their  job.  In  fact,  the  guy  who  is  driving  a  pickup 
truck  [at  a  mine  site]  may  not  see  a  significant  impact 
in  terms  of  his  job.  But  in  terms  of  scheduling  that 
person’s  job  and  scheduling  repairs  for  that  truck  and 
ordering  parts  —  that  all  will  be  driven  by  business 
processes  governed  by  the  new  ERP  system.  So  we 
have  someone  who  works  with  each  of  the  department 
heads  to  come  up  with  a  way  of  explaining  how  the 
change  impacts  people  so  they  can  identify  with  it. 

There are just 6,500 people in the greater Flin Flon
area. How do you find qualified IT people in such a
remote  location?  It  is  very  difficult  to  recruit  people, 
so  we  developed  a  program  that  takes  people  who 
are  already  in  the  organization  and  trains  them  to 
become  IT  professionals.  These  people  could  be 
working  anywhere  in  mining  operations. 

What are your IT organization’s biggest challenges?

One is the perception of IT as an order-taker. Not
only  can  we  provide  services,  but  we  can  anticipate 
the  business  needs  and  come  to  the  table  with  things 
that  add  value. 

For example, our exploration and development division
is the lifeline of this organization. They’re the
ones that go out and find new mines or extend the
ore body beyond what currently exists. We provide
them with laptops and e-mail, and that’s about it.
They have kept all of their geological data on spreadsheets
and paper. They could leave, and we would
have no idea what they did or did not do. So we’re
looking at how to digitize all of that geological data
and how to connect it so that it’s more meaningful.

We have historical data that’s been sitting in vaults
for  40  or  so  years.  If  we  digitize  it  and  apply  some 
new  algorithms  to  it  that  didn’t  exist  40  or  50  years 
ago,  they  could  probably  find  some  more  mines  on 
land  we  explored  and  [thought  was]  exhausted.  This 
is  an  area  where  IT  can  play  a  leadership  role. 


OPINION

S.J. VAUGHAN-NICHOLS


The  iPad  Stands  Alone 




Where is the iPad’s competition?

By this time, I’d expected to see some real comers gunning
for Apple’s iPad tablet. Hasn’t happened.

You  want  to  talk  about  HP’s  just-released  Slate  500?  It  has  a 


startup  list  price  of  $799.  An  iPad  can  cost  that 
much, but the price starts at $499, and people
have demonstrated that they’re willing to pay that
much and more. Are people going to feel the same
way about the Slate 500? Highly doubtful.

The  Slate  has  an  8.9-in.  screen,  compared  to 
iPad’s  9.7  in.,  and  it  runs  Windows  7.  Now,  tell 
me,  how  many  Windows  7  apps  are  there  for  a 
pure  touch-screen  tablet?  The  iPad  boasts  over 
5,000.  And  get  this:  For  your  800  bucks,  you  get 
a  Wi-Fi-only  device.  Makes  you  wonder  whether 
HP’s  goal  is  to  see  whether  it  can  ship  a  product 
that  can  die  even  faster  than  Microsoft’s  Kin  did. 

Some  people  would  tell  you  that  since  Windows 
is  under  the  hood,  the  Slate  is  going  to  get 
snapped  up  by  business  users  who  wouldn’t  touch 
an  Apple  product.  Really?  Thousands  of  people 
are  already  buying  iPads  for  business  use. 

It’s  not  just  HP,  though.  HP  just  stands  out  for 
having  the  dumbest  iPad-rival  launch  to  date. 
Anyone  paying  attention  knows  that  iPads  are 
selling faster than hotcakes on a cold Vermont
morning. So, where are the iPad’s rivals?

The first problem was that everyone underestimated
just how popular the iPad would be.
There was a sense it was going to be big, but who
knew that almost 7.5 million iPads would be sold
in the device’s first two quarters of existence? Suddenly,
tablets went from being a niche market for
companies  like  Fujitsu  to  being  big,  big  business. 

The  result?  Almost  no  one  had  their  manu- 


product into a best-seller, I predicted that Linux-based
tablets would quickly give the iPad a run for
its money. I was wrong. I still think it will happen,
just  not  as  soon  as  I  thought. 

Linux-powered  tablets  like  the  Dell  Streak, 
which  is  due  to  get  upgraded  to  Android  2.2,  are 
finally  making  their  way  into  the  marketplace,  but 
there  won’t  be  a  flood  of  them  out  by  the  holidays. 

It  turns  out  that  while  Android  2.0  and  2.2 
make  killer  smartphone  operating  systems,  they’re 
not quite ready for tablets. The problem that many
would-be Android tablet builders, such as Archos,
Toshiba and ViewSonic, have encountered is that
the current generations of Android don’t do such a
great job with a tablet’s larger interface.

The  other  Linux  contenders,  such  as  MeeGo  — 
the  embedded  Linux  with  the  best  chance  to  rival 


tor,  but  historically  Microsoft  has  always  flopped 
with mobile phones and other embedded devices.
The folks in Redmond have also done a lousy job
of competing head-to-head with Apple in this
arena. I can make my point with one word: Zune.

So,  for  the  time  being,  or  at  least  through  the 
2010  holiday  season,  the  iPad  rules.  Sometime 
in 2011, we’ll start seeing real competition, but
not this year. I still think that the Android Linux
models will be the first to give the iPad a real race.
migration tool to move a server onto different hardware for maintenance


Failure to implement best practices, or to establish a clear separation of


Mule, a senior security consultant at RSA. “Folks still today don’t like to
practice segregation of duties. They give the crown jewels to a small number
of people,” Mule says. He recommends developing a strong change-
ment tickets.


ment requirements. The bank tried using VMware’s logging capabilities
but needed a better way to consolidate the information. “Getting at those
logs was nontrivial," he says. He ended up using a dedicated tool from
HyTrust that provides a central log of all activity.

The bank also used HyTrust to set up a completely segregated virtual environment
for the chief security officer, who can monitor the entire physical
and virtual server infrastructure.

"The key is to assure your management that there's no administrator
abuse," Nguyen says. "We needed to be certain that we're administering
systems and not peeking into the data."

-  ROBERT  L.  MITCHELL 


virtual servers. “The last thing I want is 25 servers out
there that I don’t know exist," he says.

John Kindervag, an analyst at Forrester Research
Inc., says he’s heard stories from clients who have had
VMware’s vCenter management console compromised,
enabling the attacker to copy a virtual machine
that can then be run to access data. “When you steal a
VM, it’s like you broke into the data center and stole a
piece of hardware. It’s potentially devastating," he says.

“We  worked  for  many  years  with  customers  on  best 
practices  that  make  this  a  complete  nonissue,”  says 
Venu Aravamudan, senior director of product marketing
at VMware Inc. He says most users address such
risks by following best practices such as creating an
isolated network segment for managing the resources,
and creating role-based access controls.

The migration onto virtual servers has saved businesses
huge sums of money as a result of consolidation
and improved efficiency, but as virtualization

Continued on page 24


gobbles up more and more production servers, some
IT executives are getting indigestion. Has anything
been overlooked? Could a catastrophic breach bring
down critical applications — or perhaps an entire
data center?

“Customers wake up one day, realize that 50% of
their business-critical apps reside on virtual infrastructure
and say, ‘Gee, is that secure?’ That’s very
common,” says Kris Lovejoy, vice president of strategy
at  IBM  Security  Solutions,  a  security  consultancy. 

“There  are  some  huge,  well-known  corporate 
names  around  the  globe  that  you’d  think  would  have 
this stuff pretty much beat. That couldn’t be further
from the truth," says Andrew Mule, a senior security
consultant  in  EMC  Corp.’s  RSA  unit. 

The  problem  isn’t  that  a  virtual  infrastructure  is 
difficult  to  secure  per  se,  but  that  many  companies 
still  haven’t  adapted  their  best  practices  (if  they  have 
them)  to  the  new  environment. 

Virtual  Headaches 

Virtualization  introduces 
technologies  —  including 
a  new  software  layer,  the 
hypervisor  —  that  must  be 
managed. Also new: virtual
switching,  which  routes 
network  traffic  between 
virtual  servers  in  ways  that 
aren’t  always  visible  to  tools 
designed  to  monitor  traffic  on 
the  physical  network. 
Moreover,  virtualization 
breaks  down  the  traditional  separation  of  duties 
within  IT  by  allowing  a  single  administrator  to 
generate  new  virtual  servers  en  masse  at  the  push 
of  a  button,  without  approval  from  purchasing  or 
input from the network, storage, business continuity
or IT security groups (see “Beware the All-Powerful
Admin,” page 20).

Meanwhile, virtualization-aware security technologies
and best practices are still evolving. The market
has emerged so quickly that customers haven’t been
able to keep up from a best-practices standpoint, says
Lovejoy. There’s a lack of knowledge on the subject
and a lack of skills in the field.

“The questions about security in a virtual environment
are centered around lack of visibility, lack of
control, and fear of the unknown," says Bill Trussell,
managing director of security research at TheInfoPro,
an IT market research firm in New York.

Could someone hijack a hypervisor within a business’s
virtual infrastructure and use it to compromise
all of the virtual servers residing on top of it — as one
CIO feared? Could an attacker breach one virtual
server and use it as a platform to attack another
virtual server, such as a payment-card processing application
residing on the same hardware, without the

HYPERVISOR: THE VIRTUAL ENFORCER?

are offering add-on software to beef up the
security of the hypervisor layer. But some experts
worry that as the layer gets more crowded and

attacks. For more on this topic see our story at


administrator  ever  knowing  about  it? 

Concerns  about  scary  scenarios  like  those  persist 
despite  the  fact  that  there  have  been  no  known 
attacks  against  virtual  infrastructures,  says  Eric 
Baize,  RSA’s  senior  director  for  secure  infrastructure. 

When TheInfoPro surveyed 214 IT security professionals
earlier this year, it found that one-third were
“very or extremely" concerned about security in a
virtualized environment.

Worries  about  an  attack  that  could  compromise  a 
hypervisor rose after Joanna Rutkowska’s demonstration
of the "Blue Pill” hypervisor malware rootkit at a
Black Hat conference in 2006.

Since then, however, the industry has moved
forward with hardware technologies to ensure the
integrity of hypervisors, such as Intel’s Virtualization
Technology for Directed I/O (known as VT-d).
"Today, most of [Intel’s] Core i5 and i7 processors
have those technologies," and virtualization software
providers have moved to support those features, says
Rutkowska, founder and CEO of Invisible Things
Lab, an IT security research firm.

Rutkowska  herself  doubts  that  anyone  will  actually 
use  a  Blue  Pill-type  rootkit  to  compromise  virtual 
machines. “The bad guys don’t really have any incentive
to use such sophisticated rootkits," she says,
especially  since  better-known  rootkit  technology 
from  the  ’90s  still  works  well  for  attacking  traditional 
operating  systems. 

“People are wringing their hands over theoretical
scenarios rather than ones that have been documented
to be a problem," Trussell says.

But  virtualization  does  involve  risks  if  best 
practices  aren’t  followed  and  adapted  to  a  virtual 
infrastructure.  For  example,  the  hypervisor  must  be 
patched  just  like  any  other  operating  system,  says 
KC Condit, senior director of information security at
Rent-A-Center.

Security  consultants  say  they’ve  noticed  a  wide 
variety  of  security  problems  at  customer  sites. 

Lovejoy is seeing malware and cross-site scripting
issues that result from poorly constructed virtual
machine images, for example. “Commonly, that
image will contain malware or have vulnerabilities
that can be exploited very easily,” she says. “It used to
happen once. Now these images are being deployed
without end, creating massive headaches for people.”

“We’re seeing a lot of misconfigured hypervisors,”
adds RSA’s Mule. He says he often sees poor patch-
management practices for virtual machines and
the use of easily guessed or default usernames and
passwords for virtual machine manager programs
that have full access to the hypervisor. In addition, he
says, “we sporadically see virtual machine management
tools on the wrong side of the firewall.”

Using default passwords when creating new virtual
servers is very common, says Harold Moss, CTO of
cloud security strategy at IBM Security Solutions,
and people responsible for administering the new
machines don't always change them either. Would-be
thieves could dial into a machine, guess the password

somewhere  —  those  files  must  be  protected.  "You 


curity engineer for the Phoenix city government. SI
says the city uses a combination of physical security,
network storage access controls and file integrity
monitoring to protect virtual machine images.

The traffic flowing between virtual machines is
another area of concern, since firewalls, intrusion-detection
and -prevention systems, and other monitoring
tools can't tell if the virtual


[Chart: GETTING WORRIED. How concerned is your organization with the
issue of security in a virtualized environment?]


ing? And are they over
secure channels?” asks
Jordan. While the city has
a significant investment
in virtual infrastructure,
Jordan won't even talk about
the technology or its scope,
citing security concerns.

With VMware's ESX
Server and the other major
virtualization platforms, the
data that passes between


Altor Networks, Catbird Networks and HyTrust that
have been tailored specifically to virtual machines.

More  important,  the  core  network  architectures 
need  to  change  to  accommodate  virtualization,  says 
RSA's Mule. "Networks that work correctly with
physical  servers  don't  necessarily  work  well  with 
virtual  machines.  Security  would  be  improved  if 
proper  routing  and  subnets  and  virtual  LANs  were 
implemented,”  he  says.  Most  business  continuity 
failures  in  virtualized  settings  can  be  attributed  to 


Flags, uses virtual LANs to segregate virtual servers.
"Depending on how we set up routing rules, they
may or may not be able to talk to each other," he says.

But MacDonald cautions that "VLANs and router-based
access controls alone are not sufficient for
security separation.” The research firm's guidelines
call for the deployment of some sort of virtualization


n security zone. “I had to fight with
s who swear up and down that the hy-
fo that. But I trust firewalls more than I


today in terms of controls for virtual infrastructure.
What is lacking is the understanding of what the controls
are for and when they should be applied,” he says.

The  best  way  to  create  a  secure  virtual  infrastruc¬ 
ture  is  to  get  security  experts  involved  early.  Gartner 
estimates  that  as  many  as  40%  of  IT  shops  don't  seek 
IT security's input on a virtual deployment until after

with different levels of security controls. In addition, the steering
group created a specific site to lock down any content containing
personally identifiable information, with oversight by the data security
staff. “No one can get into that area without security knowing
about it,” Rettig says. If personally identifiable information is found
outside of that boundary, either through an automated scanner or
human detection, it's immediately flagged, deleted or moved.

Moreover,  forms  that  enter  the  SharePoint  system  from  the 
retail  sales  force  are  archived  in  an  optical  storage  system,  with 
built-in  rules  for  regulatory  compliance  and  security  enforcement. 

In  terms  of  centralized  control,  “we  keep  an  eye  on  storage 
capacity,  and  we  have  tools  to  see  how  activity  is  going  on  the  site," 
Rettig  says.  “[But]  we  don’t  really  have  total  command  and  control, 
and  I  don’t  think  there  are  a  lot  of  companies  out  there  who  do.” 

That's for sure, agrees Doug Miles, director of market intelligence
at AIIM, an association focused on enterprise content
management. In a June survey of 624 organizations, AIIM found
that 55% were establishing SharePoint policies for team sites,
but other forms of governance were lacking. Just 22% said they
provided staff with guidance on content type and classification,
and only 15% had formal document-retention policies and legal-
discovery procedures. Despite this, nearly a quarter (23%) had
rolled out SharePoint to their entire staffs.

terms of what they’ll use it for, which seems to fly in the face of a
lot of good IT practice,” Miles says. “I’m not saying I’m a control
freak, but I do err on the side of decently written policies.” Miles
also urges companies to define which types of content can show up
on SharePoint and which types should be reserved for other places,
such as human resources and document management systems.

Microsoft included security, document management and other
control-related capabilities in the newer versions of SharePoint
(2007 and 2010), but the general intent behind SharePoint —
free-form collaboration — runs counter to the notion of control.

quash  that  freedom. 

“The way to get control is to design policies upfront, like what
the site is designed to be used for and what content is intended to
be on it,” says Larry Briggi, a managing director in the technology
practice at FTI Consulting Inc. in New York. “But if you
stifle it too much, users won’t be able to do everything they’re
supposed to and the system is less useful.”

Greg Clark, a consultant at C3 Associates Inc., a Calgary, Alberta-based
consultancy specializing in enterprise content management,


The most popular applications of SharePoint:

Collaboration workspaces
Document
Portals to multiple content repositories
directories
Advice From The Trenches

Focus on business requirements.

Don’t let IT drive the implementation.

SharePoint is not an out-of-box implementation. With more and more
implementations going on, good SharePoint consultants/experts are
hard to come by.

[You] need a governance plan first. It is an absolute must.
The step cannot be skipped under any circumstances.

Sort out governance. Sort out training. Sort out the
information architecture. Sort out a basic taxonomy.

Look for third-party tools to round it out. Find a good integrator.

“SharePoint will be the next new dumping ground
for electronic documents.”
LARRY BRIGGI, MANAGING DIRECTOR, FTI CONSULTING INC.


says  SharePoint  governance  needs  to  include  records  managers  and 
the  legal  department,  not  just  IT.  "People  just  put  SharePoint  out 
there,  and  it  goes  viral  —  suddenly  you’ve  got  tens  of  thousands  of 
sites,”  he  warns.  The  trick  is  to  manage  SharePoint  in  a  systematic 
way  that’s  not  so  constrained  that  people  don’t  want  to  use  it. 

E-discovery  Concerns 

One area that must be addressed is e-discovery of information for
court cases. “SharePoint will be the next new dumping ground
for electronic documents,” following e-mail and shared directories,
Briggi says. “That’s a good thing from a usage and convenience
perspective, but the downside is that it becomes a new
[legal] discovery source. And that’s a little more challenging.”

Briggi  points  out  that  SharePoint  systems  can  have  millions  of 
documents  and  hundreds  of  record  custodians,  and  there’s  rarely 
a  single  go-to  person  who  knows  everything  about  the  SharePoint 
environment. 

Plus, the usual mechanism for finding documents in SharePoint
— keyword searches — won’t necessarily identify all the
content relevant to a particular case. Part of this hinges on
having the right keywords, and if indexing is not turned on for
specific sites, the data in those areas will not be searched. To
overcome such challenges, FTI Consulting designed an approach
that searches the site by individual custodian, regardless of
keywords, and then transfers that content outside of SharePoint,
where it can be preserved in a legally acceptable way, Briggi says.

But  companies  need  to  consider  the  e-discovery  implications 
of  SharePoint  at  the  outset  of  a  project,  before  they’re  suddenly 
hit  with  a  discovery  request  during  litigation,  observers  say. 

Jessica Carroll, managing director of IT at the United States Golf
Association, says her organization is working to integrate SharePoint
2007 into its e-discovery system. The association purposefully
selected an e-discovery system that could be customized to
reach into SharePoint so the organization could place documents
on legal hold and comply with document retention regulations.

The  USGA’s  SharePoint  implementation  has  two  audiences: 
The  organization’s  350  internal  employees,  plus  the  external 
committee  members  and  regional  golf  associations  it  works  with. 
USGA  SharePoint  sites  are  used  to  publish  reference  material 
and  forms,  share  ideas  and  host  discussions  between  the  outside 
groups  and  staff. 

Companies also need to pay attention to government regulations,
particularly those requiring retention periods for different
types of documents. Miles says SharePoint 2007 provides the
ability to move documents to a records repository. But according
to the AIIM survey, only 40% of SharePoint users have instituted
long-term archiving policies. “They’re actually exposing themselves
[to legal risks] because e-discovery and archiving haven’t

Spying, or Something Innocent?

A  log  suggests  that  two  executives  logged  into joi  the 
shouldn't  mess  with.  Time  to  investigate. 


I DON'T KNOW whether I should
admit this, but one of my favorite
activities as a security manager is
incident response.

Sure, incidents can be a security
manager's worst nightmare, putting you
and your security program on the spot.
But they are fairly rare at my company,
so when we do have one, it is something
of a break from my general routine of
audits, compliance activity and meetings.
They are usually challenging, and
sometimes we catch a bad guy.

Our most recent event
didn't uncover any bad
guys, as it turns out,
but we did discover a
configuration error in our
Microsoft DNS servers.

Here's what happened: One of our
engineers was using software called
Remote Admin (Radmin) to troubleshoot
one of the expensive, specialized measurement
tools that my company designs
and manufactures. While reviewing
connection logs from the Radmin server
software, he noticed some suspicious
activity that had originated from the
PCs of two of the most senior executives
in the company. That was very strange,
since our high-level executives don't
normally log into the tools. Why would
these executives have done that? I had
to wonder. So I asked them. One took a
look at the logs and said that at the time
of the connection, he had been sleeping.
The other executive said that when
his machine was supposedly logging
into one of our tools, he was high above
the Atlantic on his way to Europe. So
how could these machines, which were
turned off or unattended, be responsible
for the suspicious connections?

As it turned out, they weren't. In fact,
the log-ins weren't done
from two different
PCs belonging to two
executives but from one
PC belonging to an engineer
with a legitimate
reason to log into the tool.

So how was it that a Domain Name
System reverse lookup had fingered the
wrong parties?

In our company, we use Dynamic Host
Configuration Protocol, or DHCP, which
assigns an IP address from a predefined
network range. We have DHCP configured
so that each IP address assignment
expires after two weeks, after which the
PC is assigned a different IP address the
next time it comes on the network. What
I hadn't realized was that our Windows
environment keeps the cache information
on all these IP address assignments
rather than purging the old entries.

Incident response can be an interesting diversion,
but it’s also a chance to uncover vulnerabilities.

Caching  Out 

I couldn't understand why we would
arrange things this way, so I asked our
Windows server team, who told me that
they had disabled automatic flushing of
the DNS cache because it had caused
problems. What sort of problems? I
wanted to know. Uh, well, no one could
remember exactly. In any event, this
caching was why our logs had pointed to
the two executives, since their PCs had
been assigned those two IP addresses in

We'll have to investigate what the
reason was for disabling the flushing
of the DNS cache; it might not even
be a real problem anymore, and we'll
certainly find a way around it if it is still
a valid problem, so that we can re-enable
the automatic flushing.

In the end, we didn't have any executives
involved in industrial espionage.
But even though this incident was a false
positive, it was an interesting diversion.
And it provided a good lesson on the
importance of reviewing configuration
baselines to ensure that DNS servers
properly flush information. Of course, I
also want to have historical information
available to answer questions such as
who was assigned a particular IP address
at a given date and time. That can be
critical information to have, and we'll
want to retain it.

This week's journal is written by a real
security manager, “Mathias Thurman,”
whose name and employer have been disguised
for obvious reasons. Contact him at mathias_thurman@yahoo.com.
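
The column's closing point, knowing who held an IP address at a given date and time, worked through as an added example (not code from the column or its author): each logged connection is attributed from DHCP lease history instead of a reverse lookup that may be stale. The log layouts, host names, addresses and the PTR table are constructed for illustration.

```python
from bisect import bisect_right
from datetime import datetime

# Constructed sample data. The "timestamp,event,ip,host" layout is a
# hypothetical export format, not a real DHCP server log format.
# Lines are assumed to be in chronological order.
LEASE_LOG = """\
2010-09-01T08:02:11,ASSIGN,10.20.30.41,EXEC-PC-01
2010-09-03T09:15:40,ASSIGN,10.20.30.57,EXEC-PC-02
2010-09-15T08:02:11,EXPIRE,10.20.30.41,EXEC-PC-01
2010-09-17T09:15:40,EXPIRE,10.20.30.57,EXEC-PC-02
2010-09-20T07:48:03,ASSIGN,10.20.30.41,ENG-PC-07
2010-10-04T07:48:03,EXPIRE,10.20.30.41,ENG-PC-07
2010-10-05T07:51:27,ASSIGN,10.20.30.57,ENG-PC-07
"""

# Constructed remote-admin connection log: timestamp,source_ip
CONNECTION_LOG = """\
2010-09-28T23:14:09,10.20.30.41
2010-10-12T02:37:55,10.20.30.57
2010-09-18T12:00:00,10.20.30.57
"""

# Constructed reverse-lookup answers that were never purged after the
# leases moved on to another machine.
STALE_PTR = {
    "10.20.30.41": "exec-pc-01.corp.example",
    "10.20.30.57": "exec-pc-02.corp.example",
}


def parse_leases(text):
    """Return {ip: [(start, end, host), ...]}; end is None while the lease is open."""
    history = {}
    for line in text.strip().splitlines():
        stamp, event, ip, host = (field.strip() for field in line.split(","))
        when = datetime.fromisoformat(stamp)
        spans = history.setdefault(ip, [])
        open_span = spans[-1] if spans and spans[-1][1] is None else None
        if event == "ASSIGN":
            if open_span and open_span[2] != host:
                # EXPIRE/RELEASE record missing: the new holder ends the old span.
                spans[-1] = (open_span[0], when, open_span[2])
                open_span = None
            if open_span is None:
                spans.append((when, None, host))
            # ASSIGN for the current holder is a renewal; the span stays open.
        elif event in ("EXPIRE", "RELEASE") and open_span and open_span[2] == host:
            spans[-1] = (open_span[0], when, host)
    return history


def holder_at(history, ip, when):
    """Host that held `ip` at `when`, or None if no lease covered that moment."""
    spans = history.get(ip, [])
    idx = bisect_right([span[0] for span in spans], when) - 1
    if idx < 0:
        return None
    _start, end, host = spans[idx]
    return host if end is None or when < end else None


def audit_connections(conn_text, history, ptr_table):
    """Compare the reverse-lookup name with the lease holder for each connection."""
    findings = []
    for line in conn_text.strip().splitlines():
        stamp, ip = (field.strip() for field in line.split(","))
        lease_host = holder_at(history, ip, datetime.fromisoformat(stamp))
        ptr_name = ptr_table.get(ip)
        ptr_host = ptr_name.split(".")[0].upper() if ptr_name else None
        if lease_host is None:
            verdict = "no-lease"        # address in use with no lease on record
        elif ptr_host == lease_host.upper():
            verdict = "match"
        else:
            verdict = "ptr-mismatch"    # reverse DNS names a previous holder
        findings.append({"time": stamp, "ip": ip, "ptr": ptr_name,
                         "lease_host": lease_host, "verdict": verdict})
    return findings


if __name__ == "__main__":
    leases = parse_leases(LEASE_LOG)
    for f in audit_connections(CONNECTION_LOG, leases, STALE_PTR):
        print(f"{f['time']} {f['ip']:<12} PTR={f['ptr']} "
              f"lease={f['lease_host']} -> {f['verdict']}")
```

The third constructed connection falls between two leases, so it is reported as `no-lease` rather than silently attributed to either holder.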
SNW, in conjunction with Computerworld and the Storage
Networking Industry Association (SNIA), proudly announces
the winners of the SNW “Best Practices” Awards Program.
This program honors IT user “best practice” case studies
selected from a field of qualified finalists.

Best Practices in Energy Efficiency, Green Computing
and the Data Center
WINNER: NETAPP, Sunnyvale, California
Finalists: Avnet, Inc., Phoenix, Arizona
Credit Solutions, Dallas, Texas
King County - Office of Information Resource Management (OIRM),
Seattle, Washington
The College of Saint Rose, Albany, New York

Best Practices in Planning, Designing and Building a
Next Generation Storage and Server Infrastructure
WINNER: CLACKAMAS COUNTY, Oregon City, Oregon
Finalists: Alder Hey Children’s Hospital, Liverpool, England
AlphaStaff, Fort Lauderdale, Florida
Qualcomm, San Diego, California
Sheraton Old San Juan Hotel & Casino, San Juan, Puerto Rico

Best Practices in Storage Resiliency, Data Protection
and Recovery
WINNER: BARCLAYCARD US, Wilmington, Delaware
Finalists: National Cowboy & Western Heritage Museum, Oklahoma City, Oklahoma
Poulin Grain, Newport, Vermont
Victoria College, Victoria, Texas
Winckworth Sherwood, London, England

Best Practices in Technology Innovation and Promise
WINNER: QUALCOMM, San Diego, California
Finalists: American Society of Health-System Pharmacists, Bethesda, Maryland
Garden City Co-op, Inc., Garden City, Kansas
Oroville Hospital, Oroville, California
TechniGraphics, Inc., Wooster, North Dakota

Best Practices in Virtualization and Cloud Computing
WINNER: SPRINT, Overland Park, Kansas
Finalists: Almaviva Tele Sistemi Ferroviari (TSF), Rome, Italy
Applied Materials, Austin, Texas
Cartika IT Solutions Inc., Toronto, Canada
Gilbarco Veeder-Root, Greensboro, North Carolina

The SNW “Best Practices”
Award recipients were honored
on Wednesday, October 13th at
the SNW Fall 2010 conference
in Dallas, Texas.

SPRING 2011

Submit your case study for
SNW’s Spring 2011 Best Practices
Awards Program! Please visit
www.snwusa.com and click
on the Awards tab for more
information. Nominations will
open in mid-November.




IT organizations are expected to complete projects on time,
on budget and with high quality - but often don’t.

managing partner at Louisville, Ky.-based Leverage Partners
Inc., which helps organizations invest

him at BartPerkins@LeveragePartners.com.

Project Management:
No Horsing Around


HOW WOULD you like to be responsible for an IT project in support
of a world-famous sporting event? Much of the hardware and software
will be chosen, supplied and installed by vendors that are also
event sponsors (selected to meet long-term site needs, even when in
conflict with the event requirements). The site
covers 600 acres, and though major upgrades to
the infrastructure are needed, you can’t get access
to the site until 19 days before going live. Oh, and
the whole world will be watching. Want to sign up?

These challenges, and others, faced IT support
for the Alltech FEI World Equestrian Games
(WEG), the World Cup for horses. The 2010 WEG
was held at the Kentucky Horse Park in Lexington,
Ky. As the first WEG held outside Europe,
it had to be flawless. But the IT challenges were
monumental:

No playbook. The WEG has no formal procedures
or process to share lessons learned from past
events. (The Olympics, in contrast, have standardized
IT operating procedures.) Unlike European
WEGs, the 2010 games were held in a single location,
necessitating versatile reuse of event sites,
which added logistical complexity.

Limited infrastructure. Although power, cell
coverage and Internet access were upgraded
prior to the WEG, existing systems were still
insufficient for an event of this size. WEG IT
expanded the Horse Park’s network to include
most of the park. It was partitioned to support
credit card transactions, large-photo transmission
and broadcast television without interfering with
the ground crew and security radio-frequency
networks. Seventy generators provided additional

Ml. ’The  WEG  relied 


irs.  IT  systems  facilitated  information- 


held in one ring, requiring reconfiguration of
physical jumps between events. Corresponding
power and fiber-optic cables had to be physically
relocated; new ditches were dug before each event,
and cables laid and buried. For the first time, GPS
devices were attached to saddles to track horses
on the 100-mile cross-country endurance ride. If
a horse stopped moving, help could be dispatched
quickly. In addition, judges and spectators could
monitor the progress and relative standings of the
horses, even while they were out of sight.

Scheduling and tracking 5,000 volunteers was
complicated because many worked only two or
three days. All systems had to be highly intuitive,
requiring virtually no training.

High security. Many owners, riders and visitors
were royalty or wealthy people from Europe and
the Middle East. Over 40 federal, state and local
agencies worked together in a joint operations
command center. WEG IT systems had to interface
with command center protocols.

IT organizations are expected to complete
projects on time, on budget and with high quality.
But many fail to meet these expectations. IT
support for the 2010 WEG was highly successful,
demonstrating that IT projects can succeed even
under extremely difficult circumstances.

Such projects can inspire IT organizations
everywhere. So add a horse photo to your desktop,
as a symbol of creativity, versatility, grace under
pressure and teamwork. Let the can-do spirit of
the World Equestrian Games inspire you and your
organization to achieve the nearly impossible.



Career Watch

Staffing Firm Foresees
Salary Increases in 2011

Bradley P. Wright

The vice president for global communications
technology at Jacobs Engineering Group answers
questions about communicating
more clearly, dealing with a poorly
performing peer, and the elements
of career success.


I’m one of many IT directors in my company. We’ve been
talking a lot about the future direction of IT. We all chip in
our thoughts and ideas at meetings, but I feel I don’t get
my points across well, and so what I have to say is usually
ignored. (Sometimes someone else will say the same thing,

How can I become less tongue-tied? Verbal communication is


Mobile-Software 

Development 


If you don’t presently have a way to collect actionable input and
feedback from customers, offer your boss your help in establishing
a program. Second, identify areas where as a team you failed to
meet expectations. It is important that you address failures only at
a team level. As a team, create action plans to address those opportunities.
Finally, take a look at how your team performs against
those action plans, and observe any changes in customer feedback.
Executed well, these steps and the visibility they create will
either help your peer become a productive member of your team


have filled mobile-related development positions in the past 12 months
plan to expand such hiring in the next 12 months. They're looking for
development professionals with experience in programming for mobile platforms such as


CSO  Executive  Seminar  Series  on 

Securing  the  Cloud 


January 26, 2011 | New York Marriott Downtown | New York City


Ensure  Your  Move  to 
the  Cloud  is  Secure 


t; it will now be held on January 26, 2011.
Presented  by 

CSO 


Clouds  promise  to  deliver  unprecedented  business 
efficiencies,  but  securing  data  and  processes  in  the 
cloud  can  be  tricky. 

At  this  exclusive  executive  seminar  on  Securing  the 
Cloud,  you’ll  gain  real-world  insight  into  how  business 
leaders  are  securing  their  cloud  environments,  and: 

•  Discover  the  best  strategies  for  assessing 
security  risks  and  needs  for  the  cloud. 

•  Determine  which  applications  to  move  to  the 
cloud  and  how  to  apply  the  right  security. 

•  Gather  up-to-the-minute  advice  from  the  industry’s 
leading  practitioners  and  recognized  experts. 

•  Network  with  colleagues  who  wrestle  with  similar 
challenges  and  concerns. 


Featured  Speakers  Include: 

Jim  Reavis 

Co-founder,  Cloud  Security  Alliance 

Derek  Slater 

Editor  in  Chief,  CSO  magazine 

David  Giambruno 
CIO,  Revlon 
Nick  Akerman 

Partner,  Dorsey  &  Whitney  LLP 

Whether  you’re  assessing  specific 
moves  to  the  cloud  or  are  seeking  the 
latest  expert  advice,  this  seminar  series 
will  help  you  better  understand  cloud 
security  and  how  you  can  improve  your 
business  by  applying  it  wisely. 


Join us on JANUARY 26th in
NEW  YORK  CITY  for  this  UNIQUE  EVENT! 

REGISTER  NOW:  http://events.csoonline.com/csad 

CSO  Executive  Seminar  on  Cyber  Security  |  Washington,  DC  -  March  2011 
CSO  Executive  Seminar  on  Securing  the  Cloud  |  Chicago,  IL  -  May  2011 


Sponsorship  Opportunities  Are  Available 

CSO  Executive  Seminar  Series  attracts  a  powerful  and  influential  audience  of  security  decision  makers. 
For  Sponsor  Opportunities,  contact  Per  Melker  at  508.935.4729  or  e-mail  pmelker@cxo.com 


SHARK TANK


TRUE  TALES  OF  IT  LIFE  AS  TOLD  TO  SHARKY 


Getting  to  the  Top - 
The  Hard  Way 

IT VP pilot fish gets an early-morning call from a divisional presidi
already has a pretty good idea what it's about. "One of our offices
a downtown Los Angeles skyscraper," says fish. "During a recent t


Get  more  IT  peer 
perspective  online: 



Scot Finnie is Computerworld's editor in chief. Contact him at
sfinnie@computerworld.com and follow him on Twitter (@ScotFinnie).


OPINION

SCOT FINNIE


Getting  IT  Set  for  Mobile 


“This business will get out of control. It will get out of control,
and we’ll be lucky to live through it.”

That’s a quote from the movie The Hunt for Red October, but
it’s also a paraphrase of my July column, “The Rise of Consumer
Tech.” I was lamenting the lack of readiness at many IT shops to
handle the explosion of consumer devices, apps and mobile
platforms. And make no mistake, IT faces several challenges in
the management and support of mobile. But I may have
overestimated the cause for concern.

New Computerworld research suggests that IT shops are moving
to address mobility issues — or that they’re at least aware of the
need to do so. Especially telling are these stats from Computerworld's

■ Nearly 75% of the respondents said their IT organizations are
supporting employee-owned mobile devices, including smartphones,
tablets, netbooks and notebooks.

■ A surprising 65% said their IT shops are already supporting
three or more mobile platforms.

Another finding that shows the wisdom of IT organizations: Some
65% anticipate mobile IT budget increases in the coming year. And
the average estimated increase is a fairly significant 19%.

A September 2010 report from Forrester Research sums it up
another way: "Most firms have prioritized mobile technology
expansion. Mobility is front and center for 62% of CIOs and IT
leaders across the globe, with 16% seeing it as a critical priority
and 46% seeing it as a high priority."

Most projections show mobile growth continuing well into the new
decade. Last month, IDC reported that the third quarter of 2010
marked four successive quarters of growth in handset sales.

But mobile is moving so fast, it’s tough to keep tabs on it. In
September, IDC said that "heterogeneous device environments are
the norm for most enterprises today” and projected that RIM would
retain its smartphone market-share lead within businesses in the
U.S. through 2014. But roughly one month after IDC issued that
report, Apple’s iPhone shipments topped RIM’s BlackBerry shipments.

That volatility also points up why the proliferation of platforms
makes supporting mobility complex. But by far the biggest challenge
is implementing enterprise mobile security and figuring out some
sort of solution for manageability.

Perhaps the most significant of Computerworld’s findings is that,
of the companies it surveyed, 80% of those with more than 1,000
employees are taking measures to govern which devices and services
employees can use, and they’re trying to control whether and how
those devices can access corporate data.

Those are solid first steps, but despite the good news our survey
uncovered, I can’t shake the sense of foreboding that fueled my
July column. Is all of this enough, or are companies merely
scratching the surface?

What does real mobile security look like? Does it involve using
good protection with BlackBerry Enterprise Server while taking
advantage of the enterprise customizability for iPhones in iOS 4
and punting on employee-owned Android devices? You need solutions
that can manage and secure all the mobile devices in your
environment, regardless of who owns them.

It’s clear from a variety of research sources that IT is opening
its eyes to mobile challenges. And that’s good news. But I’d like
to hear about IT pros’ experiences. Drop me an e-mail and let me
know how your company is faring when it comes to securing and
managing mobility technologies.


